Mosquitto 1.0 introduced the use of password files with hashed passwords but
had no way to convert from the old plain text password files. This feature will
be available in version 1.1 but if it is important to you then you can already
get the updated code for the mosquitto_passwd utility at
https://bitbucket.org/oojah/mosquitto/src/3b8ef11cf687

Broker

If the broker was configured for persistence, a durable client had a
subscription to topics in $SYS/# and had messages in its queue when the
broker restarted, then the persistent database would have messages missing
and so the broker would not restart properly. This has been fixed.

Library

Fix threading problem on some systems.

Tests

Close socket after 08-ssl-connect-no-auth-wrong-ca.py test to prevent

subsequent tests having problems.

Build scripts

Install pskfile.example in CMake. Fixes bug #1037504.

Other

This is a bugfix release. The important changes are fixing the on_log()
callback in the Python module and the log_dest option when running as a
Windows service. The rest of the fixes are documentation and build script
fixes.

Downloads are available on the download page and include all supported
binaries (except for Ubuntu packages which are still waiting to build due to
Launchpad maintenance). The Python module has been uploaded to Python Package
Index.

A few bugs have been identified with the 1.0 release; thanks to everyone who
has got in touch about it. They're mostly documentation/build script mistakes
(see ChangeLog.txt), but there is a Python bug that makes it worthwhile
making a quick bugfix release.

I intend to make the release this evening (in around 8 hours from this post),
so if you have anything you think needs fixing please try and get in touch
before then.

This is a feature and bugfix release. This is the most significant release for
the mosquitto project so far. It encompasses >20% of the total commits for
the project and has an increase in source tarball size of 95%, mostly down to
the new bundled tests and new man pages. It introduces lots of new features for
the broker and improves the API of the client libraries, although this does
mean that the libraries are incompatible with previous releases. I apologise
for this and hope you'll agree that the changes are worth it.

I've been overwhelmed with the amount of feedback that I've received recently,
thanks to everyone that has got in touch to let me know where something could
be improved. I'd particularly like to thank Nicholas Humfrey for setting me on
the continuous integration path.

On a slightly different note, my wife was expecting our first child two days
ago so it's quite likely I'll be less responsive to support requests for a
little while.

Significant changes

These are what I think are the exciting changes for this release.

SSL/TLS support across the board - the broker, client libraries and pub/sub
clients. This provides certificate based network encryption in a very
similar manner to SSL in a web browser where the client verifies that the
server is valid. It is also possible to use client certificates to
authenticate the clients with the server.

TLS-PSK support (not on Python). This is "pre-shared-key" network encryption
and represents a simpler encryption interface than certificate based
encryption which makes it much more suitable for embedded/constrained
devices.

The Python client library is now written in pure Python so is much easier to
use. It supports Python 2.6, 2.7 and 3.* (no SSL support for 2.6).

All client libraries have had their interface overhauled and should now be
much saner and straightforward to use.

The client libraries have thread support.

Passwords files for the broker are stored hashed and salted and a utility
for maintaining them has been provided.

It is now possible to write access and authentication plugins for the broker
for providing custom support for authentication against e.g. a SQL database.

Implementation of a good test suite which has lead to improved protocol
compliance amongst other bug fixes.

Masses of bug fixes.

Downloads

Source is available on the download page, the binary packages will follow as
soon as possible. Windows and Ubuntu packages are currently available, more to
follow.

The client libraries

Add struct mosquitto *mosq parameter for all callbacks in the client
library. This is a binary incompatible change so the soversion of the
libraries has been incremented. The new parameter should make it easier to
use callbacks in practice.

Add mosquitto_want_write() for use when using own select() loop with
mosquitto_socket().

The next release of mosquitto is approaching. There is currently only one
feature left on the todo list to complete and I've pencilled in the end of the
month as the release date. The date may slip a week or two after that depending
on any bugs reported.

Despite the development being carried out in the 0.16 branch and the current
in-development version numbers being 0.15.90, this will be version 1.0 of
mosquitto. There has been significant API changes (now a lot more sane
hopefully) which means the client library interface version has been
incremented, and the number of changes involved in this release far outreach
any previous release, including SSL support, a pure Python client
implementation, a healthy start on tests and an associated improvement in
protocol compliance, and threaded client support. I think it is well worthy of
the version number.

I am, however, very keen that this be as bug free a release as possible. To
this end, if you're a mosquitto user I'd be very appreciative if you'd download
the current source code and give it a try. Maybe read through the documentation
and check it makes sense

The source for the current version is at either of these links (ignore the
"0.16", that is just the branch name):

If you want to test but with a minimum amount of effort, please download the
source, run "make test" and report back any problems. This would be
particularly useful if you are using something other than a
Debian/Ubuntu/openSUSE based Linux. If you have any problems, bugs can be
reported at https://launchpad.net/mosquitto, by leaving a comment or by
getting in touch directly. I'm interested in anything, but would be especially
keen to hear from you if you think something to do with the client API needs
changing.

The next version of Mosquitto will provide SSL support for network encryption
and authentication. This work is still in development, but is sufficiently
advanced to make available for testing on test.mosquitto.org. In addition to
the existing unencrypted access via port 1883, connections are now possible on
ports 8883 and 8884.

Port 8884 uses the same server certificate, but requires that your client
provide a valid certificate signed by the mosquitto.org CA key. If you wish to
obtain a client certificate for testing purposes, please get in touch.

The development Python module provides client SSL support. The latest version
is available at mosquitto.py with a simple example at ssub.py. You will
need to place the mosquitto.org CA certificate linked above in the same
directory. All versions of Python from 2.7 upwards (including Python 3) are
supported.

The public Mosquitto test server, test.mosquitto.org has supported IPv6 since
it was originally put online but the required DNS record was missing. This has
now been fixed so once the record has propagated across the internet you should
be able to test your IPv6 clients.